Slashdot Mirror

← Back to Stories (view on slashdot.org)

'SMS of Death' Could Crash Many Mobile Phones

Posted by Soulskill on from the can-we-find-better-names-for-these-things dept.

space_in_your_face writes "Research presented at a conference in Germany last week shows that phones don't even have to be smart to be vulnerable to hackers. Using only Short Message Service (SMS) communications, a pair of security researchers were able to force low-end phones to shut down abruptly and knock them off a cellular network. The trick works for handsets made by Nokia, LG, Samsung, Motorola, Sony Ericsson, and Micromax, a popular Indian cell-phone manufacturer."

20 of 108 comments (clear)

  1. Ahhhhhhhhh by Jimpqfly · · Score: 2, Funny

    Peace, at last !
    No more stupid ring tones, no more boss (or wife) calls...
    GREAT !

    1. Re:Ahhhhhhhhh by Jimpqfly · · Score: 4, Insightful

      You have the button, but this is better : you have the EXCUSE

    2. Re:Ahhhhhhhhh by Abstrackt · · Score: 2

      Where I come from boss == wife.

      No wonder you're here instead.

      --
      They say a little knowledge is a dangerous thing, but it's not one half so bad as a lot of ignorance. - Terry Pratchett
    3. Re:Ahhhhhhhhh by Anonymous Coward · · Score: 2, Funny

      Peace, at last !

      No more stupid ring tones, no more boss (or wife) calls...

      GREAT !

      Hello quiet my old friend.
      Within the SMS of silence.

    4. Re:Ahhhhhhhhh by damien_kane · · Score: 2

      +1 Slack
      --
      "But this one goes to 11!"

      Slackware is up to 13.1, though.
      Well past 11.

  2. Desired future news: by Even+on+Slashdot+FOE · · Score: 5, Insightful

    Sending the "SMS of Death" has become common practice at theaters in order to finally force people's cell phones to stop ringing.

    1. Re:Desired future news: by somersault · · Score: 2

      I thought that was just jamming, and I also saw someone else saying they had to stop doing that to allow emergency calls from movie theaters?

      --
      which is totally what she said
    2. Re:Desired future news: by Jimpqfly · · Score: 2

      How would you get people's phone number ?

    3. Re:Desired future news: by somersault · · Score: 4, Insightful

      Ah, the good old "put half of my post in the title, even though a lot of people skim past the titles since they're usually full of Re:re:re:re:re:". Oops.

      --
      which is totally what she said
  3. Re:So ... by kenrblan · · Score: 3, Funny

    You might need to define vicinity. One option is to send the programmatically SMS of death to every possible combination of mobile phone numbers within you area code. That might hit a few that have roamed outside your area, but would largely accomplish your task.

    --
    Make everything as simple as possible, but not simpler. - Albert Einstein
  4. VoD of the Talk by radl · · Score: 5, Informative

    You can watch the talk over here: http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4 or download it via torrent: http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4.torrent

    --
    1266953+17
  5. No surprises by rsilvergun · · Score: 3, Funny

    I had a cheap Virgin Mobile, and if you looked at it funny it would crash.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  6. Re:So ... by jo_ham · · Score: 2

    And if you're in the UK, you'd be stuck too, since all mobile numbers start 07, and have nothing to do with your local area code which only apply to landlines.

  7. Re:So ... by eleuthero · · Score: 2

    Google voice? (they warn that abuse will get sms privileges taken down) but after that happens, there's always AT&T... maybe start with them... their webpage allows sending of sms for free.

  8. Re:So ... by xaxa · · Score: 2

    At least you know you'd only be addressing mobile phones (you'd need to be a bit more careful than just 07, but the ranges are on the Wikipedia article for UK numbers).

    SMSing the 10,000,000 numbers in a US area code region is going to hit a lot of landlines.

  9. twice ridiculous by toolz · · Score: 4, Informative

    1.This post (and the linked-to article) make a great effort to hide the name of the "conference in Germany". $deity knows why, but the conference was the 27th Chaos Communication Congress (27C3), organised by the Chaos Computer Club.

    2.The "SMS of death" was not new in any way - it was well known and discussed back in 2008 at the 25C3. What the researchers effectively showed was that the manufacturers and the GSM networks had *still* not fixed the problem, even years later!

    --
    You aren't remembered for doing what is expected of you
  10. Re:So ... by GameboyRMH · · Score: 2

    there's always AT&T... maybe start with them... their webpage allows sending of sms for free.

    ...and there you go. (SMSes of death * shellscript) / unsecured wifi = weapon of mass pwnage.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  11. Re:Executable SMS? by digsbo · · Score: 2

    For specific purposes carriers may provision SMSC (short message service centers) and GMSC (gateway message service centers) to send binary data to interact with applications on the mobiles.

    In practice, this is very rare because the carriers have known for a long time that binary payloads may be susceptible to misuse for malicious reasons. Thus, very few originators of short messages are permitted to send binary payloads (or at least when I was doing this a few years ago, maybe now it's different).

    This is probably now much of an issue because it's really quite difficult to get binary sms provisioning from carriers (AT&T, TMO, etc.) because you need to have a contract with special stipulations about what the originating messages will be used for. These are looked at closely by carriers.

  12. Re:So ... by yakatz · · Score: 2

    In North America, phone numbers are always in the form NXX-NXX-XXXX, with N being a digit from 2-9 and X being a digit from 0-9.
    Instead of 10,000,000,000 permutations, you only have 6,400,000,000
    It is called NANPA and there are a few other reserved numbers mixed in (for example, in an NXX group, both Xs can not be 1 to avoid confusion with N11 services such as 911).
    Wikipedia also has a good article about this.

  13. SMS Content? by salmosri · · Score: 3, Funny

    Anyone know what to put in the message? Just for research purposes....